khazix-writer
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses role-play to define the 'Digital Life Khazix' persona. The instructions are focused on stylistic nuances and do not contain patterns for bypassing safety filters, system prompt extraction, or ignoring previous constraints.
- [DATA_EXFILTRATION]: There are no indicators of sensitive data access or exfiltration. The contact email provided in the article template is a static string for author attribution and does not facilitate data harvesting.
- [EXTERNAL_DOWNLOADS]: No external scripts, packages, or remote assets are fetched or executed. The GitHub link mentioned serves as a source reference and is not used for runtime execution.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest untrusted data (PDFs, news links, briefs) to generate content.
- Ingestion points: SKILL.md specifies input formats like product briefs, news links, and PDFs.
- Boundary markers: None identified; user content is processed directly within the context.
- Capability inventory: The skill has no tool permissions and 'disable-model-invocation' is set to true, preventing the agent from executing code or accessing external APIs.
- Sanitization: No explicit sanitization or filtering instructions for input data are present.
Audit Metadata